@lilaquadrat/studio 10.0.0-beta.46 → 10.0.0-beta.48

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/lib/src/helpers/auth0config.d.ts +6 -0
  2. package/lib/src/helpers/auth0config.js +23 -0
  3. package/lib/src/helpers/auth0config.js.map +1 -0
  4. package/lib/src/helpers/authPlugin.js +26 -21
  5. package/lib/src/helpers/authPlugin.js.map +1 -1
  6. package/package.json +1 -1
package/lib/src/helpers/auth0config.d.ts ADDED
@@ -0,0 +1,6 @@
1
+ declare const _default: (app: string) => Promise<{
2
+ url: string;
3
+ issuer: string;
4
+ custom: boolean;
5
+ }>;
6
+ export default _default;
package/lib/src/helpers/auth0config.js ADDED
@@ -0,0 +1,23 @@
1
+ import ProjectModel from "../models/project.model.js";
2
+ export default async (app) => {
3
+ let settings = {
4
+ url: process.env.JWT_URL,
5
+ issuer: process.env.JWT_ISSUER,
6
+ custom: false,
7
+ };
8
+ if (app !== 'editor-app') {
9
+ const splitProject = app?.split('-');
10
+ if (splitProject) {
11
+ const project = await ProjectModel.db.findOne({ company: splitProject[0], id: splitProject[1] });
12
+ if (project?.auth0?.domain) {
13
+ settings = {
14
+ url: `https://${project?.auth0?.domain}/.well-known/jwks.json`,
15
+ issuer: `https://${project?.auth0?.domain}/`,
16
+ custom: true,
17
+ };
18
+ }
19
+ }
20
+ }
21
+ return settings;
22
+ };
23
+ //# sourceMappingURL=auth0config.js.map
package/lib/src/helpers/auth0config.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"auth0config.js","sourceRoot":"","sources":["../../../src/helpers/auth0config.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,4BAA4B,CAAC;AAEtD,eAAe,KAAK,EAAE,GAAW,EAAE,EAAE;IAEnC,IAAI,QAAQ,GAAG;QACb,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,OAAiB;QAClC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAoB;QACxC,MAAM,EAAE,KAAK;KACd,CAAC;IAEF,IAAI,GAAG,KAAK,YAAY,EAAE,CAAC;QAEzB,MAAM,YAAY,GAAG,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;QAErC,IAAI,YAAY,EAAE,CAAC;YAEjB,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAEjG,IAAI,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;gBAE3B,QAAQ,GAAG;oBACT,GAAG,EAAE,WAAW,OAAO,EAAE,KAAK,EAAE,MAAM,wBAAwB;oBAC9D,MAAM,EAAE,WAAW,OAAO,EAAE,KAAK,EAAE,MAAM,GAAG;oBAC5C,MAAM,EAAE,IAAI;iBACb,CAAC;YAEJ,CAAC;QAEH,CAAC;IAEH,CAAC;IAED,OAAO,QAAQ,CAAC;AAElB,CAAC,CAAC"}
package/lib/src/helpers/authPlugin.js CHANGED
@@ -1,33 +1,38 @@
1
+ import { promisify } from 'node:util';
1
2
  import fp from 'fastify-plugin';
2
3
  import fastifyJwt from '@fastify/jwt';
3
4
  import jwksRsa from 'jwks-rsa';
4
5
  import respondCode from '../functions/respondCode.js';
6
+ import auth0config from './auth0config.js';
5
7
  const authPlugin = async (fastify) => {
6
8
  if (process.env.ENV !== 'dev') {
7
- // Create a single JWKS client instance with aggressive caching
8
- const jwksClient = jwksRsa({
9
- cache: true,
10
- cacheMaxEntries: 5,
11
- cacheMaxAge: 600000, // 10 minutes in ms
12
- rateLimit: true,
13
- jwksRequestsPerMinute: 10,
14
- jwksUri: process.env.JWT_URL,
15
- });
9
+ // Per-domain JWKS client cache to avoid re-creating clients on every request
10
+ const jwksClients = new Map();
11
+ const getJwksClient = (jwksUri) => {
12
+ if (!jwksClients.has(jwksUri)) {
13
+ jwksClients.set(jwksUri, jwksRsa({
14
+ cache: true,
15
+ cacheMaxEntries: 5,
16
+ cacheMaxAge: 600000, // 10 minutes in ms
17
+ rateLimit: true,
18
+ jwksRequestsPerMinute: 10,
19
+ jwksUri,
20
+ }));
21
+ }
22
+ return jwksClients.get(jwksUri);
23
+ };
16
24
  // Production: Register JWT with JWKS
17
25
  await fastify.register(fastifyJwt, {
18
26
  decode: { complete: true },
19
- secret: (request, token, callback) => {
20
- const { header } = token;
21
- // Use the cached client instance
22
- jwksClient.getSigningKey(header.kid, (err, key) => {
23
- if (err) {
24
- callback(err, undefined);
25
- }
26
- else {
27
- const signingKey = key?.getPublicKey();
28
- callback(null, signingKey);
29
- }
30
- });
27
+ secret: async (request, token) => {
28
+ const header = 'header' in token ? token.header : token;
29
+ const app = request.studioApp ?? 'editor-app';
30
+ const settings = await auth0config(app);
31
+ request.customApp = settings.custom;
32
+ const jwksUri = settings.url;
33
+ const client = getJwksClient(jwksUri);
34
+ const key = await promisify(client.getSigningKey.bind(client))(header.kid);
35
+ return key.getPublicKey();
31
36
  },
32
37
  verify: {
33
38
  algorithms: ['RS256']
package/lib/src/helpers/authPlugin.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"authPlugin.js","sourceRoot":"","sources":["../../../src/helpers/authPlugin.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAChC,OAAO,UAAU,MAAM,cAAc,CAAC;AACtC,OAAO,OAAO,MAAM,UAAU,CAAC;AAC/B,OAAO,WAAW,MAAM,6BAA6B,CAAC;AA+BtD,MAAM,UAAU,GAAuB,KAAK,EAAE,OAAwB,EAAE,EAAE;IAExE,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;QAE9B,+DAA+D;QAC/D,MAAM,UAAU,GAAG,OAAO,CAAC;YACzB,KAAK,EAAE,IAAI;YACX,eAAe,EAAE,CAAC;YAClB,WAAW,EAAE,MAAM,EAAE,mBAAmB;YACxC,SAAS,EAAE,IAAI;YACf,qBAAqB,EAAE,EAAE;YACzB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,OAAiB;SACvC,CAAC,CAAC;QAEH,qCAAqC;QACrC,MAAM,OAAO,CAAC,QAAQ,CAAC,UAAU,EAAE;YACjC,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;YAC1B,MAAM,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE;gBAEnC,MAAM,EAAE,MAAM,EAAE,GAAG,KAAK,CAAC;gBAEzB,iCAAiC;gBACjC,UAAU,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;oBAEhD,IAAI,GAAG,EAAE,CAAC;wBAER,QAAQ,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;oBAE3B,CAAC;yBAAM,CAAC;wBAEN,MAAM,UAAU,GAAG,GAAG,EAAE,YAAY,EAAE,CAAC;wBACvC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;oBAE7B,CAAC;gBAEH,CAAC,CAAC,CAAC;YAEL,CAAC;YACD,MAAM,EAAE;gBACN,UAAU,EAAE,CAAC,OAAO,CAAC;aACtB;SACF,CAAC,CAAC;QAEH,mDAAmD;QACnD,OAAO,CAAC,QAAQ,CAAC,cAAc,EAAE,KAAK,EAAE,OAAuB,EAAE,KAAmB,EAAE,EAAE;YAEtF,IAAI,CAAC;gBAEH,MAAM,OAAO,CAAC,SAAS,EAAE,CAAC;gBAE1B,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;YAE9B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBAEb,OAAO,WAAW,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;YAE5C,CAAC;QAEH,CAAC,CAAC,CAAC;IAEL,CAAC;SAAM,CAAC;QAEN,2BAA2B;QAC3B,OAAO,CAAC,QAAQ,CAAC,cAAc,EAAE,KAAK,EAAE,OAAuB,EAAE,KAAmB,EAAE,EAAE;YAEtF,OAAO,CAAC,IAAI,GAAG;gBACb,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,QAAS;gBAC1B,UAAU,EAAE,KAAK;gBACjB,WAAW,EAAE,MAAM;gBACnB,QAAQ,EAAE,SAAS;gBACnB,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,EAAE;gBACX,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACpC,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;gBAClC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI;gBACzC,OAAO,EAAE,EAAE;gBACX,KAAK,EAAE,EAAE;gBACT,cAAc,EAAE,IAAI;aACrB,CAAC;QAEJ,CAAC,CAAC,CAAC;IAEL,CAAC;AAEH,CAAC,CAAC;AAEF,eAAe,EAAE,CAAC,UAAU,EAAE;IAC5B,IAAI,EAAE,aAAa;CACpB,CAAC,CAAC"}
1
+ {"version":3,"file":"authPlugin.js","sourceRoot":"","sources":["../../../src/helpers/authPlugin.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AAEtC,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAChC,OAAO,UAA6B,MAAM,cAAc,CAAC;AACzD,OAAO,OAAO,MAAM,UAAU,CAAC;AAC/B,OAAO,WAAW,MAAM,6BAA6B,CAAC;AACtD,OAAO,WAAW,MAAM,kBAAkB,CAAC;AA+B3C,MAAM,UAAU,GAAuB,KAAK,EAAE,OAAwB,EAAE,EAAE;IAExE,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;QAE9B,6EAA6E;QAC7E,MAAM,WAAW,GAAG,IAAI,GAAG,EAA8B,CAAC;QAE1D,MAAM,aAAa,GAAG,CAAC,OAAe,EAAE,EAAE;YAExC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBAE9B,WAAW,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC;oBAC/B,KAAK,EAAE,IAAI;oBACX,eAAe,EAAE,CAAC;oBAClB,WAAW,EAAE,MAAM,EAAE,mBAAmB;oBACxC,SAAS,EAAE,IAAI;oBACf,qBAAqB,EAAE,EAAE;oBACzB,OAAO;iBACR,CAAC,CAAC,CAAC;YAEN,CAAC;YAED,OAAO,WAAW,CAAC,GAAG,CAAC,OAAO,CAAE,CAAC;QAEnC,CAAC,CAAC;QAEF,qCAAqC;QACrC,MAAM,OAAO,CAAC,QAAQ,CAAC,UAAU,EAAE;YACjC,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;YAC1B,MAAM,EAAE,KAAK,EAAE,OAAuB,EAAE,KAAoB,EAAmB,EAAE;gBAE/E,MAAM,MAAM,GAAG,QAAQ,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;gBACxD,MAAM,GAAG,GAAG,OAAO,CAAC,SAAS,IAAI,YAAY,CAAC;gBAC9C,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,CAAC;gBAExC,OAAO,CAAC,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC;gBAEpC,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC;gBAC7B,MAAM,MAAM,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;gBACtC,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAE3E,OAAO,GAAG,CAAC,YAAY,EAAE,CAAC;YAE5B,CAAC;YACD,MAAM,EAAE;gBACN,UAAU,EAAE,CAAC,OAAO,CAAC;aACtB;SACF,CAAC,CAAC;QAEH,mDAAmD;QACnD,OAAO,CAAC,QAAQ,CAAC,cAAc,EAAE,KAAK,EAAE,OAAuB,EAAE,KAAmB,EAAE,EAAE;YAEtF,IAAI,CAAC;gBAEH,MAAM,OAAO,CAAC,SAAS,EAAE,CAAC;gBAE1B,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;YAE9B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBAEb,OAAO,WAAW,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;YAE5C,CAAC;QAEH,CAAC,CAAC,CAAC;IAEL,CAAC;SAAM,CAAC;QAEN,2BAA2B;QAC3B,OAAO,CAAC,QAAQ,CAAC,cAAc,EAAE,KAAK,EAAE,OAAuB,EAAE,KAAmB,EAAE,EAAE;YAEtF,OAAO,CAAC,IAAI,GAAG;gBACb,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,QAAS;gBAC1B,UAAU,EAAE,KAAK;gBACjB,WAAW,EAAE,MAAM;gBACnB,QAAQ,EAAE,SAAS;gBACnB,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,EAAE;gBACX,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACpC,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,KAAK;gBACV,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;gBAClC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI;gBACzC,OAAO,EAAE,EAAE;gBACX,KAAK,EAAE,EAAE;gBACT,cAAc,EAAE,IAAI;aACrB,CAAC;QAEJ,CAAC,CAAC,CAAC;IAEL,CAAC;AAEH,CAAC,CAAC;AAEF,eAAe,EAAE,CAAC,UAAU,EAAE;IAC5B,IAAI,EAAE,aAAa;CACpB,CAAC,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lilaquadrat/studio",
3
- "version": "10.0.0-beta.46",
3
+ "version": "10.0.0-beta.48",
4
4
  "description": "classes and tools for STUDIO",
5
5
  "type": "module",
6
6
  "license": "MIT",